DE112018004408B4 - Identifikation von angriffsströmen in einer mehrschichtigen netzwerktopologie - Google Patents

Identifikation von angriffsströmen in einer mehrschichtigen netzwerktopologie Download PDF

Info

Publication number
DE112018004408B4
DE112018004408B4 DE112018004408.4T DE112018004408T DE112018004408B4 DE 112018004408 B4 DE112018004408 B4 DE 112018004408B4 DE 112018004408 T DE112018004408 T DE 112018004408T DE 112018004408 B4 DE112018004408 B4 DE 112018004408B4
Authority
DE
Germany
Prior art keywords
latency
connection
network
packets
processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
DE112018004408.4T
Other languages
German (de)
English (en)
Other versions
DE112018004408T5 (de
Inventor
Chun-Shuo Lin
Cheng-Ta Lee
Yin Lee
Chih-Hung Chou
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of DE112018004408T5 publication Critical patent/DE112018004408T5/de
Application granted granted Critical
Publication of DE112018004408B4 publication Critical patent/DE112018004408B4/de
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
DE112018004408.4T 2017-10-18 2018-10-11 Identifikation von angriffsströmen in einer mehrschichtigen netzwerktopologie Active DE112018004408B4 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/787,505 2017-10-18
US15/787,505 US10609068B2 (en) 2017-10-18 2017-10-18 Identification of attack flows in a multi-tier network topology
PCT/IB2018/057875 WO2019077444A1 (en) 2017-10-18 2018-10-11 IDENTIFICATION OF ATTACK FLOW IN MULTI-LEVEL NETWORK TOPOLOGY

Publications (2)

Publication Number Publication Date
DE112018004408T5 DE112018004408T5 (de) 2020-05-20
DE112018004408B4 true DE112018004408B4 (de) 2023-02-09

Family

ID=66097133

Family Applications (1)

Application Number Title Priority Date Filing Date
DE112018004408.4T Active DE112018004408B4 (de) 2017-10-18 2018-10-11 Identifikation von angriffsströmen in einer mehrschichtigen netzwerktopologie

Country Status (6)

Country Link
US (2) US10609068B2 (ja)
JP (1) JP7002647B2 (ja)
CN (1) CN111226426B (ja)
DE (1) DE112018004408B4 (ja)
GB (1) GB2579758B (ja)
WO (1) WO2019077444A1 (ja)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2413699B1 (en) 2009-04-01 2019-11-20 Tearscience, Inc. Ocular surface interferometry (osi) apparatus for imaging an ocular tear film
ES2901406T3 (es) 2013-05-03 2022-03-22 Tearscience Inc Sistemas y métodos de iluminación de párpados para imagenología de las glándulas de Meibomio para análisis de las glándulas de Meibomio
EP3712721A1 (de) * 2019-03-19 2020-09-23 Siemens Aktiengesellschaft Sicherheitsrelevante diagnosemeldungen
US20220174087A1 (en) * 2019-03-28 2022-06-02 Nec Corporation Analysis system, method, and program
CN111885034B (zh) * 2020-07-15 2022-09-13 杭州安恒信息技术股份有限公司 物联网攻击事件追踪方法、装置和计算机设备

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160127262A1 (en) 2014-10-31 2016-05-05 The Nielsen Company (Us), Llc Method and apparatus to throttle media access by web crawlers
US9762610B1 (en) 2015-10-30 2017-09-12 Palo Alto Networks, Inc. Latency-based policy activation

Family Cites Families (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7653706B2 (en) * 2000-07-19 2010-01-26 Akamai Technologies, Inc. Dynamic image delivery system
US9525696B2 (en) * 2000-09-25 2016-12-20 Blue Coat Systems, Inc. Systems and methods for processing data flows
US7895431B2 (en) 2004-09-10 2011-02-22 Cavium Networks, Inc. Packet queuing, scheduling and ordering
US7468981B2 (en) * 2005-02-15 2008-12-23 Cisco Technology, Inc. Clock-based replay protection
JP4602158B2 (ja) * 2005-05-25 2010-12-22 三菱電機株式会社 サーバ装置保護システム
US20090030870A1 (en) 2007-07-27 2009-01-29 Microsoft Corporation Error propagation in object-relational mapping platform
WO2009148021A1 (ja) * 2008-06-03 2009-12-10 株式会社日立製作所 パケット解析装置
WO2011109420A1 (en) * 2010-03-01 2011-09-09 Silver Tail Systems System and method for network security including detection of attacks through partner websites
US9483292B2 (en) * 2010-11-29 2016-11-01 Biocatch Ltd. Method, device, and system of differentiating between virtual machine and non-virtualized device
US8826437B2 (en) * 2010-12-14 2014-09-02 General Electric Company Intelligent system and method for mitigating cyber attacks in critical systems through controlling latency of messages in a communications network
US8789158B2 (en) * 2011-02-17 2014-07-22 Ebay Inc. Using clock drift, clock slew, and network latency to enhance machine identification
US8549645B2 (en) * 2011-10-21 2013-10-01 Mcafee, Inc. System and method for detection of denial of service attacks
US8683592B1 (en) 2011-12-30 2014-03-25 Emc Corporation Associating network and storage activities for forensic analysis
US9282116B1 (en) * 2012-09-27 2016-03-08 F5 Networks, Inc. System and method for preventing DOS attacks utilizing invalid transaction statistics
CN102882884B (zh) * 2012-10-13 2014-12-24 国家电网公司 信息化生产环境下基于蜜网的风险预警系统及方法
US10348767B1 (en) * 2013-02-26 2019-07-09 Zentera Systems, Inc. Cloud over IP session layer network
WO2014199687A1 (ja) * 2013-06-13 2014-12-18 日立オートモティブシステムズ株式会社 ネットワーク装置およびネットワークシステム
US9178899B2 (en) * 2013-08-28 2015-11-03 Bank Of America Corporation Detecting automated site scans
US9208335B2 (en) 2013-09-17 2015-12-08 Auburn University Space-time separated and jointly evolving relationship-based network access and data protection system
CA2929304C (en) * 2013-11-04 2020-08-18 Amazon Technologies, Inc. Centralized networking configuration in distributed systems
EP2879343A1 (en) * 2013-11-29 2015-06-03 Nederlandse Organisatie voor toegepast- natuurwetenschappelijk onderzoek TNO System for protection against DDos attacks
US10091238B2 (en) * 2014-02-11 2018-10-02 Varmour Networks, Inc. Deception using distributed threat detection
US9660895B1 (en) * 2014-03-04 2017-05-23 Amazon Technologies, Inc. Geolocation routing and simulation of network conditions
CN103916387B (zh) 2014-03-18 2017-06-06 汉柏科技有限公司 一种防护ddos攻击的方法及系统
US9497215B2 (en) * 2014-07-23 2016-11-15 Cisco Technology, Inc. Stealth mitigation for simulating the success of an attack
US9800592B2 (en) * 2014-08-04 2017-10-24 Microsoft Technology Licensing, Llc Data center architecture that supports attack detection and mitigation
US9912681B1 (en) * 2015-03-31 2018-03-06 Fireeye, Inc. Injection of content processing delay in an endpoint
US10084642B2 (en) * 2015-06-02 2018-09-25 ALTR Solutions, Inc. Automated sensing of network conditions for dynamically provisioning efficient VPN tunnels
US10095878B2 (en) * 2015-06-02 2018-10-09 ALTR Solutions, Inc. Internal controls engine and reporting of events generated by a network or associated applications
US10142353B2 (en) * 2015-06-05 2018-11-27 Cisco Technology, Inc. System for monitoring and managing datacenters
US10536357B2 (en) * 2015-06-05 2020-01-14 Cisco Technology, Inc. Late data detection in data center
US9912678B2 (en) * 2015-06-24 2018-03-06 Verisign, Inc. Techniques for automatically mitigating denial of service attacks via attack pattern matching
US9462010B1 (en) * 2015-07-07 2016-10-04 Accenture Global Services Limited Threat assessment level determination and remediation for a cloud-based multi-layer security architecture
JP6028839B1 (ja) * 2015-07-16 2016-11-24 日本電気株式会社 通信装置、通信処理方法、プログラム
US10181986B2 (en) * 2015-11-02 2019-01-15 International Business Machines Corporation Action records in virtual space
CN105490882B (zh) 2015-12-11 2018-10-23 上海大学 可抵御膨胀攻击的网络物理带宽测量方法
US10129125B2 (en) * 2015-12-18 2018-11-13 Mcafee, Llc Identifying a source device in a software-defined network
US9917775B2 (en) * 2015-12-22 2018-03-13 Mcafee, Llc Intelligent devices in a software-defined network
US10735438B2 (en) * 2016-01-06 2020-08-04 New York University System, method and computer-accessible medium for network intrusion detection
CN105743880A (zh) 2016-01-12 2016-07-06 西安科技大学 一种数据分析系统
US10701076B2 (en) * 2016-01-14 2020-06-30 Arbor Networks, Inc. Network management device at network edge for INS intrusion detection based on adjustable blacklisted sources
US9942253B2 (en) * 2016-01-15 2018-04-10 Kentlik Technologies, Inc. Network monitoring, detection, and analysis system
US10958414B2 (en) * 2016-02-23 2021-03-23 Google Llc Clock period randomization for defense against cryptographic attacks
US10296748B2 (en) * 2016-02-25 2019-05-21 Sas Institute Inc. Simulated attack generator for testing a cybersecurity system
US20170295200A1 (en) * 2016-04-11 2017-10-12 Taric Mirza Distributed Denial Of Service Attack Protection
US10305807B2 (en) * 2016-05-03 2019-05-28 Citrix Systems, Inc. Systems and methods to choose an optimal path from multiple high latency links
US20170364794A1 (en) * 2016-06-20 2017-12-21 Telefonaktiebolaget Lm Ericsson (Publ) Method for classifying the payload of encrypted traffic flows
US10397247B2 (en) * 2016-08-16 2019-08-27 International Business Machines Corporation Smart intrusion prevention policy
EP3293937A1 (en) * 2016-09-12 2018-03-14 Vectra Networks, Inc. Method and system for detecting malicious payloads
US9692784B1 (en) * 2016-10-25 2017-06-27 Fortress Cyber Security, LLC Security appliance
US9756061B1 (en) * 2016-11-18 2017-09-05 Extrahop Networks, Inc. Detecting attacks using passive network monitoring
US20180159894A1 (en) * 2016-12-01 2018-06-07 Cisco Technology, Inc. Automatic threshold limit configuration for internet of things devices
US11122129B2 (en) * 2016-12-31 2021-09-14 Intel Corporation Virtual network function migration
US10757161B2 (en) * 2017-01-09 2020-08-25 Citrix Systems, Inc. Learning technique for QoS based classification and prioritization of SAAS applications
US10609054B2 (en) * 2017-04-07 2020-03-31 Keysight Technologies Singapore (Sales) Pte. Ltd. Methods, systems, and computer readable media for monitoring, adjusting, and utilizing latency associated with accessing distributed computing resources
US10904288B2 (en) * 2017-04-18 2021-01-26 Perspecta Labs Inc. Identifying and deceiving adversary nodes and maneuvers for attack deception and mitigation
US10762201B2 (en) * 2017-04-20 2020-09-01 Level Effect LLC Apparatus and method for conducting endpoint-network-monitoring
US10484418B2 (en) * 2017-05-26 2019-11-19 ShieldX Networks, Inc. Systems and methods for updating security policies for network traffic
US10862921B2 (en) * 2017-07-31 2020-12-08 Cisco Technology, Inc. Application-aware intrusion detection system
US10116671B1 (en) * 2017-09-28 2018-10-30 International Business Machines Corporation Distributed denial-of-service attack detection based on shared network flow information

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160127262A1 (en) 2014-10-31 2016-05-05 The Nielsen Company (Us), Llc Method and apparatus to throttle media access by web crawlers
US9762610B1 (en) 2015-10-30 2017-09-12 Palo Alto Networks, Inc. Latency-based policy activation

Also Published As

Publication number Publication date
CN111226426A (zh) 2020-06-02
US11122077B2 (en) 2021-09-14
US10609068B2 (en) 2020-03-31
US20200153857A1 (en) 2020-05-14
DE112018004408T5 (de) 2020-05-20
US20190116203A1 (en) 2019-04-18
GB202006906D0 (en) 2020-06-24
CN111226426B (zh) 2022-09-13
GB2579758A (en) 2020-07-01
GB2579758B (en) 2021-02-24
WO2019077444A1 (en) 2019-04-25
JP7002647B2 (ja) 2022-01-20
JP2021500640A (ja) 2021-01-07

Similar Documents

Publication Publication Date Title
DE112018004408B4 (de) Identifikation von angriffsströmen in einer mehrschichtigen netzwerktopologie
US11297088B2 (en) System and method for comprehensive data loss prevention and compliance management
DE60308722T2 (de) Verfahren, vorrichtung und computersoftware-produkt zur reaktion auf computereinbrüche
Nikolai et al. Hypervisor-based cloud intrusion detection system
DE112014001229B4 (de) Verfahren, Datenverarbeitungssystem und Computerprogrammprodukt zum Verarbeiten einer Datenbank-Client-Anforderung
DE112010003454B4 (de) Bedrohungserkennung in einem Datenverarbeitungssystem
CN106790091B (zh) 一种云安全防护系统以及流量清洗方法
DE102016203565B4 (de) Identifizieren von bösartigen Web-Infrastrukturen
DE112011101831B4 (de) Schutz vor websiteübergreifenden Scripting-Attacken
DE112019004913T5 (de) Erfassen von unangemessener aktivität in anwesenheit von nicht authentifizierten api-anforderungen unter verwendung von künstlicher intelligenz
DE112011103273B4 (de) Verfahren, Computerprogrammprodukt und Vorrichtung zur Weitergabe von Identitäten über Anwendungsebenen unter Verwendung von kontextabhängiger Zuordnung und gesetzten Werten
DE202011111121U1 (de) System zum Erfassen komplexer Schadsoftware
EP2966828B1 (de) Verfahren zum Erkennen eines Angriffs auf eine mit einem Kommunikationsnetzwerk verbundene Arbeitsumgebung
DE112017000937B4 (de) Persistente Datenflusserkennungen, die verteilte Anwendungen ermöglichen
DE10249427A1 (de) System und Verfahren zum Definieren des Sicherheitszustands eines Computersystems
DE112014002789T5 (de) Netzwerksicherheitssystem
DE112012000279T5 (de) Ermitteln der Anfälligkeit von Computer-Software-Anwendungen gegenüber Rechteausweitungsangriffen
DE112014000578T5 (de) System und Verfahren zum Erkennen eines kompromittierten Computersystems
DE112019000594T5 (de) Injizieren von Abfangcode in einen Ausführungspfad eines ein Programm ausführenden Prozesses, um einen Abfangadressbereich zu erzeugen, um möglichen schädlichen Programmcode zu erkennen
DE102015107073A1 (de) Vorrichtung und Verfahren zur Steuerung eines Kommunikationsnetzwerks
DE102020112592A1 (de) Anwendungsverhaltensbezogene Fingerabdrücke
DE112022003368T5 (de) Verschlüsselungsüberwachungsregister und -system
EP3655876B1 (de) Ein-chip-system, verfahren zum betrieb eines ein-chip-systems und kraftfahrzeug
DE112021000455T5 (de) Deep packet analyse
EP3824612B1 (de) Penetrationstestverfahren, computerprogramm und vorrichtung zur datenverarbeitung

Legal Events

Date Code Title Description
R012 Request for examination validly filed
R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: H04L0029060000

Ipc: H04L0012260000

R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: H04L0012260000

Ipc: H04L0043000000

R016 Response to examination communication
R018 Grant decision by examination section/examining division
R084 Declaration of willingness to licence
R020 Patent grant now final